Search ThisCrazyTrain.com

Wednesday, April 8, 2015

You had one job, PRESTO!

from:axxxxxxx7@gmail.com
reply-to:axxxxxxx7@gmail.com
to:cj@thiscrazytrain.com
date:Wed, Apr 8, 2015 at 3:43 PM
subject:Presto email

I was on Presto's site to email them about something. They have one of those boxes for you to type your email into and submit. Did you know you can't use the following characters?

| & ; $ % ' \ " <> () + , 

So you can't even use dollar signs, apostrophes or commas.

My email wouldn't go through until I removed all of those.

I've never seen such a thing on an email form.

8 comments:

Anonymous said...

Fact. Presto doesn't want you to email them MUWAH HA HA HA HA HA

Warren Downe said...

I find sending an email to robert.hollis@prestocard.ca (Executive VP, PRESTO) with cc to CJ a more effective means of communicating with PRESTO.

TomW said...

Email addresses can't contain those symbols...

C.J. Smith said...

He meant the comment area. I tried it myself.

We use feedback forms at work and people can use a dollar sign as well as slashes in their text if needed. The form doesn't fail on submit.

So if you want to write "I put $100 on my card", the form won't accept that.

FRED said...

So I took a lot at the source code. The page was generated using MS Sharepoint and uses javascript to "authenticate" the form and .asp (Microsoft supported coding language).

I don't personally understand why the big puzzle piece to make this work but there are other methods to use where special characters would be accepted.

Anonymous said...

The comment form doesn't link to a back-end function so it shouldn't require authentication. Looks like a design error to me.

TomW said...

Whopos my mistake!
~~~~~
It sounds like a very lazy way to sanitise your data inputs (in effect, preventing you from using the comment form to make code run on the server).

It's also bad security, because you could send unsanitised submissions to the server without using the comment form, thus bypassing the form's security measure.

That said, there are very easy ways to snreu this isn't a security problem, and allow people to use whatever symbols they want, ɗɑɱɳȉʈ

Anonymous said...

This issue happened to me about a year ago, when I followed up Presto told me they were developing a "work around", I guess this has not happened. Shrug